Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
4 new defect(s) introduced to coreboot found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent
build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1446761: Control flow issues (DEADCODE)
/src/lib/cbmem_common.c: 14 in cbmem_run_init_hooks()
________________________________________________________________________________________________________
*** CID 1446761: Control flow issues (DEADCODE)
/src/lib/cbmem_common.c: 14 in cbmem_run_init_hooks()
8 cbmem_init_hook_t *init_hook_ptr =
9 (cbmem_init_hook_t *)&_cbmem_init_hooks;
10 cbmem_init_hook_t *einit_hook_ptr =
11 (cbmem_init_hook_t *)&_ecbmem_init_hooks;
12
13 if (REGION_SIZE(cbmem_init_hooks) == 0)
>>> CID 1446761: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "return;".
14 return;
15
16 while (init_hook_ptr != einit_hook_ptr) {
17 (*init_hook_ptr)(is_recovery);
18 init_hook_ptr++;
19 }
** CID 1446760: Resource leaks (RESOURCE_LEAK)
/tests/lib/memset-test.c: 34 in setup_test()
________________________________________________________________________________________________________
*** CID 1446760: Resource leaks (RESOURCE_LEAK)
/tests/lib/memset-test.c: 34 in setup_test()
28
29 return 0;
30
31 error:
32 free(buf);
33 free(helper_buf);
>>> CID 1446760: Resource leaks (RESOURCE_LEAK)
>>> Variable "s" going out of scope leaks the storage it points to.
34 return -1;
35 }
36
37 static int teardown_test(void **state)
38 {
39 struct memset_test_state *s = *state;
** CID 1446759: Security best practices violations (STRING_OVERFLOW)
/src/mainboard/prodrive/hermes/mainboard.c: 99 in update_board_layout()
________________________________________________________________________________________________________
*** CID 1446759: Security best practices violations (STRING_OVERFLOW)
/src/mainboard/prodrive/hermes/mainboard.c: 99 in update_board_layout()
93 if (cpu->bus->dev->path.type != DEVICE_PATH_CPU_CLUSTER)
94 continue;
95 if (!cpu->enabled)
96 continue;
97 layout.cpu_count++;
98 if (!layout.cpu_name[0])
>>> CID 1446759: Security best practices violations (STRING_OVERFLOW)
>>> You might overrun the 50-character fixed-size string "layout.cpu_name"
>>> by copying "cpu->name" without checking the length.
99 strcpy(layout.cpu_name, cpu->name);
100 }
101
102 if (cpuid_get_max_func() >= 0x16)
103 layout.cpu_max_non_turbo_frequency = cpuid_eax(0x16);
104
** CID 1446758: Memory - illegal accesses (NO_EFFECT)
/tests/lib/memset-test.c: 88 in test_memset_zero_size()
________________________________________________________________________________________________________
*** CID 1446758: Memory - illegal accesses (NO_EFFECT)
/tests/lib/memset-test.c: 88 in test_memset_zero_size()
82 for (int i = 0; i < MEMSET_BUFFER_SZ; ++i) {
83 s->base_buffer[i] = 0xFF;
84 s->helper_buffer[i] = 0xFF;
85 }
86
87 /* Expect no change in buffer after calling memset with zero size */
>>> CID 1446758: Memory - illegal accesses (NO_EFFECT)
>>> Calling "memset" with size 0: "memset(s->base_buffer, 170, 0UL)" does
>>> nothing.
88 memset(s->base_buffer, 0xAA, 0);
89 assert_memory_equal(s->base_buffer, s->helper_buffer, MEMSET_BUFFER_SZ);
90 }
91
92 static void test_memset_one_byte(void **state)
93 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3DPGjR_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn3yPoS4IAs2eM5OOsYICnqfocxRILsg61l4eWBiwDen8qJN-2Bqk-2BPXDxvN4Dzwi2xR9AT0LrJuTAE4VWw6RXCG9x6m1-2Bge2aauAAWfOjjHfckUDGliTMRm12ngfVoVGboE3ZnZCrl5wBYIDEyB-2BhsdZ20F1dhDMsBBv79MAnveitvPZSSZbjyLkq9cpbvSQtC1M-3D
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
